You must use an administrator account that is assigned the Super_User administrative profile.

You can add a device to only one ADOM. You cannot add a device to multiple ADOMs.

You cannot add FortiGate and FortiCarrier devices to the same ADOM. FortiCarrier devices are added to a specific, default FortiCarrier ADOM.

You can add one or more VDOMs from a FortiGate device to one ADOM. If you want to add individual VDOMs from a FortiGate device to different ADOMs, you must first enable advanced device mode. See ADOM device modes.

When FortiAnalyzer features are enabled, you can configure how an ADOM handles log files from its devices. For example, you can configure how much disk space an ADOM can use for logs, and then monitor how much of the allotted disk space is used. You can also specify how long to keep logs indexed in the SQL database and how long to keep logs stored in a compressed format.

You can configure how an ADOM handles log files from its devices. For example, you can configure how much disk space an ADOM can use for logs, and then monitor how much of the allotted disk space is used. You can also specify how long to keep logs in the SQL database and how long to keep logs stored in compressed format.

To create an ADOM

Click Create New in the toolbar. The Create New ADOM pane is displayed.

Configure the following settings, then click OK to create the ADOM.

Name

Type a name that allows you to distinguish this ADOM from your other ADOMs. ADOM names must be unique.

Type

Select either FortiGate or FortiCarrier from the dropdown menu. The ADOM type cannot be edited.

Other device types are added to their respective default ADOM when registering with FortiManager.

Type

Select the type of device that you are creating an ADOM for. The ADOM type cannot be edited.

Although you can create a different ADOM for each type of device, FortiAnalyzer does not enforce this setting.

Version

Select the version of the devices in the ADOM. The ADOM version cannot be edited.

Although you can create a different ADOM for each version, FortiAnalyzer does not enforce this setting.

This option is only available when FortiManager features are enable and the device type is either FortiGate or FortiCarrier.

Devices

Add a device or devices with the selected versions to the ADOM. The search field can be used to find specific devices. See Assigning devices to an ADOM.

Central Management

Select the VPN checkbox to enable central VPN management.

Select the SD-WAN checkbox to enable central SD-WAN management.

Select the FortiAP checkbox to enable central FortiAP management. This checkbox is selected by default.

This option is only available when the Mode is Normal.

Mode

Select Normal mode if you want to manage and configure the connected FortiGate devices from the FortiManager GUI. Select Backup mode if you want to backup the FortiGate configurations to the FortiManager, but configure each FortiGate locally.

During the indexed state, logs are indexed in the SQL database for the specified amount of time. Information about the logs can be viewed in the FortiView, Event Manager, and Reports modules. After the specified length of time expires, Analytics logs are automatically purged from the SQL database.

Keep Logs for Archive

Specify how long to keep logs in the compressed state.

During the compressed state, logs are stored in a compressed format on the FortiAnalyzer unit. When logs are in the compressed state, information about the log messages cannot be viewed in the FortiView, Event Manager, or Reports modules. After the specified length of time expires, Archive logs are automatically deleted from the FortiAnalyzer unit.

Specify the maximum amount of FortiAnalyzer disk space to use for logs, and select the unit of measure.

The total available space on the FortiAnalyzer unit is shown.

For more information about the maximum available space for each FortiAnalyzer unit, see Disk space allocation.

Analytics : Archive

Specify the percentage of the allotted space to use for Analytics and Archive logs.

Analytics logs require more space than Archive logs. For example, a setting of 70% and 30% indicates that 70% of the allotted disk space will be used for Analytics logs, and 30% of the allotted space will be used for Archive logs. Select the Modify checkbox to change the setting.

Alert and Delete When Usage Reaches

Specify at what data usage percentage an alert messages will be generated and logs will be automatically deleted. The oldest Archive log files or Analytics database tables are deleted first.

Creating ADOMs

To create a new ADOM, you must be logged in as a super user administrator.

You must use an administrator account that is assigned the Super_User administrative profile.

You can add a device to only one ADOM. You cannot add a device to multiple ADOMs.

You cannot add FortiGate and FortiCarrier devices to the same ADOM. FortiCarrier devices are added to a specific, default FortiCarrier ADOM.

You can add one or more VDOMs from a FortiGate device to one ADOM. If you want to add individual VDOMs from a FortiGate device to different ADOMs, you must first enable advanced device mode. See ADOM device modes.

When FortiAnalyzer features are enabled, you can configure how an ADOM handles log files from its devices. For example, you can configure how much disk space an ADOM can use for logs, and then monitor how much of the allotted disk space is used. You can also specify how long to keep logs indexed in the SQL database and how long to keep logs stored in a compressed format.

You can configure how an ADOM handles log files from its devices. For example, you can configure how much disk space an ADOM can use for logs, and then monitor how much of the allotted disk space is used. You can also specify how long to keep logs in the SQL database and how long to keep logs stored in compressed format.

To create an ADOM

Click Create New in the toolbar. The Create New ADOM pane is displayed.

Configure the following settings, then click OK to create the ADOM.

Name

Type a name that allows you to distinguish this ADOM from your other ADOMs. ADOM names must be unique.

Type

Select either FortiGate or FortiCarrier from the dropdown menu. The ADOM type cannot be edited.

Other device types are added to their respective default ADOM when registering with FortiManager.

Type

Select the type of device that you are creating an ADOM for. The ADOM type cannot be edited.

Although you can create a different ADOM for each type of device, FortiAnalyzer does not enforce this setting.

Version

Select the version of the devices in the ADOM. The ADOM version cannot be edited.

Although you can create a different ADOM for each version, FortiAnalyzer does not enforce this setting.

This option is only available when FortiManager features are enable and the device type is either FortiGate or FortiCarrier.

Devices

Add a device or devices with the selected versions to the ADOM. The search field can be used to find specific devices. See Assigning devices to an ADOM.

Central Management

Select the VPN checkbox to enable central VPN management.

Select the SD-WAN checkbox to enable central SD-WAN management.

Select the FortiAP checkbox to enable central FortiAP management. This checkbox is selected by default.

This option is only available when the Mode is Normal.

Mode

Select Normal mode if you want to manage and configure the connected FortiGate devices from the FortiManager GUI. Select Backup mode if you want to backup the FortiGate configurations to the FortiManager, but configure each FortiGate locally.

During the indexed state, logs are indexed in the SQL database for the specified amount of time. Information about the logs can be viewed in the FortiView, Event Manager, and Reports modules. After the specified length of time expires, Analytics logs are automatically purged from the SQL database.

Keep Logs for Archive

Specify how long to keep logs in the compressed state.

During the compressed state, logs are stored in a compressed format on the FortiAnalyzer unit. When logs are in the compressed state, information about the log messages cannot be viewed in the FortiView, Event Manager, or Reports modules. After the specified length of time expires, Archive logs are automatically deleted from the FortiAnalyzer unit.

Specify the maximum amount of FortiAnalyzer disk space to use for logs, and select the unit of measure.

The total available space on the FortiAnalyzer unit is shown.

For more information about the maximum available space for each FortiAnalyzer unit, see Disk space allocation.

Analytics : Archive

Specify the percentage of the allotted space to use for Analytics and Archive logs.

Analytics logs require more space than Archive logs. For example, a setting of 70% and 30% indicates that 70% of the allotted disk space will be used for Analytics logs, and 30% of the allotted space will be used for Archive logs. Select the Modify checkbox to change the setting.

Alert and Delete When Usage Reaches

Specify at what data usage percentage an alert messages will be generated and logs will be automatically deleted. The oldest Archive log files or Analytics database tables are deleted first.